<script type="text/javascript" src="../modules/admin/asset/javascripts/ibox/ibox.js"></script>
<?php
require_once "../../../dbconnect.php";

/* Functions */
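/**
 * Render the action control for one asset row.
 *
 * @param mixed  $var1 Availability flag; a value loosely equal to '1' means "available".
 * @param mixed  $var2 Asset ID; coerced to an integer before it is written into the onclick handler.
 * @param string $var3 Checkout string; the part before the first comma is treated as the
 *                     username of the admin holding the asset.
 * @return string HTML for a Checkout button, a Checkin button (only when the logged-in admin is
 *                the holder), or the "not available" icon.
 */
function checkavailable($var1, $var2, $var3)
{
	// The ID lands inside a JavaScript string inside an HTML attribute. An integer cast is the
	// one encoding that is safe in both contexts, and every caller in this file passes a row ID.
	$assetid = (int)$var2;

	if($var1 == '1') // available (loose comparison kept: the flag may arrive as int or string)
		return '<input type="button" name="checkout" value="Checkout" title="Checkout this asset" style="width:65px;" onclick="asset('."'checkout','".$assetid.'\');" />';

	$holder = explode(",", (string)$var3);
	$adminid = isset($_SESSION['adminid']) ? (int)$_SESSION['adminid'] : 0;

	// The holder name is read back from mod_asset.checkout, i.e. it is stored data re-entering
	// SQL. Escape it so a crafted username cannot alter the query (second-order injection).
	$result = mysql_query("SELECT * FROM tbladmins WHERE id='".$adminid."' AND username='".mysql_real_escape_string($holder[0])."';");

	// A failed query returns false; treat that as "not the holder" instead of passing false on.
	if($result && mysql_num_rows($result) > 0)
		return '<input type="button" name="checkin" value="Checkin" title="Checkin this asset" style="width:65px;" onclick="asset('."'checkin','".$assetid.'\');" />';

	return '<img src="../modules/admin/asset/images/not_available.gif" width="15px" height="15px" border="0" alt="Not available" title="This asset is not available now"/>';
}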

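/**
 * Tell whether the logged-in admin has role 1.
 *
 * Looks up the username for $_SESSION['adminid'] in tbladmins, then checks whether a tbladmins
 * row with roleid='1' carries that username.
 *
 * @return int 1 when such a row exists, 0 otherwise (including no session or a failed query).
 */
function isadmin()
{
	// No session identity means no privileges; do not fall through to a query with an empty id.
	if(!isset($_SESSION['adminid']))
		return 0;
	$adminid = (int)$_SESSION['adminid'];

	$userresult = mysql_query("SELECT username FROM tbladmins WHERE id='".$adminid."';");
	if(!$userresult)
		return 0;

	$userrow = mysql_fetch_array($userresult);
	if(!$userrow)
		return 0;

	// The username is database content re-entering SQL; escape it before interpolation.
	$roleresult = mysql_query("SELECT * FROM tbladmins WHERE roleid='1' AND username='".mysql_real_escape_string($userrow[0])."';");
	if($roleresult && mysql_num_rows($roleresult) > 0)
		return 1;
	return 0;
}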

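/**
 * Render the delete icon for an asset row when the logged-in user is an admin.
 *
 * This only decides whether the icon is shown. It is not an access control: the delete request
 * itself has to be authorised on the server where the row is removed.
 *
 * @param mixed $id Asset ID; coerced to an integer before it is written into the onclick handler.
 * @return string|null HTML for the delete icon, or null for non-admins (callers concatenate it).
 */
function isdelete($id)
{
	if(isadmin() != 1)
		return null;

	// Integer cast: the value is placed in a JavaScript string inside an HTML attribute.
	$assetid = (int)$id;
	return '&nbsp;&nbsp;&nbsp;<img title="Delete this asset" src="../modules/admin/asset/images/delete.png" width="12px" height="12px" onclick="asset('."'delete','".$assetid.'\');"  />';
}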

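/**
 * Check out the asset named by $_GET['id'] to the logged-in admin and echo its refreshed row cells.
 *
 * Sets available='0' and checkout='<username>, <H:i d-m-Y>' on the mod_asset row, echoes the
 * <td> cells for that row, and records the action through writelog().
 *
 * NOTE(review): the UPDATE does not require the asset to be available at the moment, so a
 * direct request can overwrite another admin's checkout; the button is hidden in the UI only.
 * NOTE(review): this changes state on a GET request and no anti-CSRF token is checked here.
 *
 * @return void
 */
function assetcheckout()
{
	$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
	$adminid = isset($_SESSION['adminid']) ? (int)$_SESSION['adminid'] : 0;

	$userresult = mysql_query("SELECT username FROM tbladmins WHERE id='".$adminid."';");
	$userrow = $userresult ? mysql_fetch_array($userresult) : false;
	$username = $userrow ? $userrow[0] : '';
	$checkout = $username .", ".date("H:i d-m-Y");

	// The username is database content re-entering SQL; escape the assembled value.
	$updateresult = mysql_query("UPDATE mod_asset SET available='0',checkout='".mysql_real_escape_string($checkout)."' WHERE ID='" .$id. "';");
	if(!$updateresult)
		return; // nothing changed, so nothing to render and nothing to log

	$getrowresult = mysql_query("SELECT * FROM mod_asset WHERE ID='" .$id. "';");
	if($getrowresult)
	{
		while($row = mysql_fetch_array($getrowresult))
		{
			$rowid = (int)$row["ID"];
			// Serial number, name and checkout text are user-supplied when the asset is created;
			// encode them for HTML so stored markup is shown as text. The charset argument is
			// left to PHP's configured default because the table encoding is not visible here.
			// NOTE(review): the History link is relative here but points at functions.php in
			// assetcheckin() and filter() - confirm which target is intended.
			echo '
						<td>'.htmlspecialchars($row["serialnumber"], ENT_QUOTES).'</td>
						<td>'.htmlspecialchars($row["name"], ENT_QUOTES).'</td>
						<td>'.htmlspecialchars($row["department"], ENT_QUOTES).'</td>
						<td align="center">'.htmlspecialchars($row["checkout"], ENT_QUOTES).'</td>
						<td align="center">'.checkavailable($row["available"],$rowid,$row["checkout"]). isdelete($rowid).'</td>
						<td align="center"><a href="?do=viewlog&id='.$rowid.'" rel="ibox" title="History">View</a></td>';
		}
	}

	// Log only after the UPDATE succeeded so the history does not claim a checkout that failed.
	writelog('checkout',$id);
}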

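/**
 * Check in the asset named by $_GET['id'] and echo its refreshed row cells.
 *
 * Sets available='1' and clears checkout on the mod_asset row, echoes the <td> cells for that
 * row, and records the action through writelog().
 *
 * NOTE(review): nothing here verifies that the caller is the admin who holds the asset; that
 * rule is applied only when checkavailable() decides which button to draw.
 * NOTE(review): this changes state on a GET request and no anti-CSRF token is checked here.
 *
 * @return void
 */
function assetcheckin()
{
	$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;

	$updateresult = mysql_query("UPDATE mod_asset SET available='1',checkout='' WHERE ID='" .$id. "';");
	if(!$updateresult)
		return; // nothing changed, so nothing to render and nothing to log

	$getrowresult = mysql_query("SELECT * FROM mod_asset WHERE ID='" .$id. "';");
	if($getrowresult)
	{
		while($row = mysql_fetch_array($getrowresult))
		{
			$rowid = (int)$row["ID"];
			// Encode stored, user-supplied columns for HTML so markup in them is shown as text.
			// The charset argument is left to PHP's configured default.
			echo '
						<td>'.htmlspecialchars($row["serialnumber"], ENT_QUOTES).'</td>
						<td>'.htmlspecialchars($row["name"], ENT_QUOTES).'</td>
						<td>'.htmlspecialchars($row["department"], ENT_QUOTES).'</td>
						<td align="center">'.htmlspecialchars($row["checkout"], ENT_QUOTES).'</td>
						<td align="center">'
							.checkavailable($row["available"],$rowid,$row["checkout"]). isdelete($rowid) .'</td>
						<td align="center"><a href="../modules/admin/asset/functions.php?do=viewlog&id='.$rowid.'" rel="ibox" title="History">View</a></td>';
		}
	}

	// Log only after the UPDATE succeeded so the history does not claim a checkin that failed.
	writelog('checkin',$id);
}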
	 
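/**
 * Create an asset from the request parameters and echo a one-line result message.
 *
 * Reads $_GET['no'] (serial number), $_GET['name'] and $_GET['dp'] (mod_config ID whose
 * department text is copied onto the asset), then inserts an available, never-checked-out row
 * into mod_asset.
 *
 * NOTE(review): this changes state on a GET request and no anti-CSRF token is checked here.
 *
 * @return void
 */
function assetinsert()
{
	// Accept only scalar strings: ?name[]=x would otherwise reach the string functions as an array.
	$assetserialnumber = (isset($_GET['no']) && is_string($_GET['no'])) ? $_GET['no'] : '';
	$assetname = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : '';
	$assetdepartment = (isset($_GET['dp']) && is_string($_GET['dp'])) ? $_GET['dp'] : '';

	// Every request value is escaped before it is interpolated; the originals went into the
	// SQL text verbatim, which let the request rewrite both statements.
	$deptresult = mysql_query("SELECT department FROM mod_config WHERE ID='".mysql_real_escape_string($assetdepartment)."';");
	$getdepartment = $deptresult ? mysql_fetch_array($deptresult) : false;
	$department = $getdepartment ? $getdepartment[0] : ''; // unknown department stays empty, as before

	$insertsql = "INSERT INTO mod_asset(serialnumber,name,department,available,checkout,history) values('"
		.mysql_real_escape_string($assetserialnumber). "','"
		.mysql_real_escape_string($assetname). "','"
		.mysql_real_escape_string($department). "','1','','');";

	$insertresult = mysql_query($insertsql);
	if($insertresult)
		// The name is echoed back into the page, so encode it for HTML (reflected XSS otherwise).
		echo '<font color="red">Asset added: <b>' .htmlspecialchars($assetname, ENT_QUOTES). '</b></font>';
	else
		echo '<font color="red"><b>Failed!</b></font>';
}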

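/**
 * Delete the asset named by $_GET['id'] and echo a one-cell result row.
 *
 * Only admins may delete. isdelete() hides the icon from everyone else, but hiding a control
 * does not stop a direct request, so the role is checked again here before the row is removed.
 *
 * NOTE(review): deletions are not written to mod_log, unlike checkout and checkin.
 * NOTE(review): this changes state on a GET request and no anti-CSRF token is checked here.
 *
 * @return void
 */
function assetdelete()
{
	if(isadmin() != 1)
	{
		echo '<td align="center" colspan="6">Remove asset <b>FAILED</b>!</td>';
		return;
	}

	$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
	$deleteresult = mysql_query("DELETE FROM mod_asset WHERE ID='" .$id. "';");

	if($deleteresult)
		echo '<td align="center" colspan="6"><b>This asset has been removed!</b></td>';
	else
		echo '<td align="center" colspan="6">Remove asset <b>FAILED</b>!</td>';
}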

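/**
 * Append one entry to mod_log for the logged-in admin.
 *
 * The row stores the admin's username in the userid column, the fixed module tag 'mod_asset',
 * the current time as "H:i d-m-Y", and the given action and target ID.
 *
 * @param string $action   Action label, e.g. 'checkout' or 'checkin'.
 * @param mixed  $actionid ID of the asset the action applied to.
 * @return void
 */
function writelog($action,$actionid)
{
	$adminid = isset($_SESSION['adminid']) ? (int)$_SESSION['adminid'] : 0;
	$userresult = mysql_query("SELECT username FROM tbladmins WHERE id='".$adminid."';");
	$userrow = $userresult ? mysql_fetch_array($userresult) : false;
	$username = $userrow ? $userrow[0] : '';

	// Escape every interpolated value. Current callers pass literals and integer IDs, but the
	// function cannot rely on that, and the username is stored data re-entering SQL.
	mysql_query("INSERT INTO mod_log(userid,mod_type,timestamp,action,actionid) values('"
		.mysql_real_escape_string($username)."','mod_asset','".date("H:i d-m-Y")."','"
		.mysql_real_escape_string((string)$action)."','"
		.mysql_real_escape_string((string)$actionid)."')");
}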

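/**
 * Echo the mod_log history for the asset named by $_GET['id'].
 *
 * Prints a table with one "<action> by <user> at <time>" row per log entry, or a "No log!"
 * notice when there are no entries or the query fails.
 *
 * @return void
 */
function assetviewlog()
{
	$id = isset($_GET["id"]) ? (int)$_GET["id"] : 0;
	$logstring = ''; // was appended to without being initialised

	$getlog = mysql_query("SELECT * FROM mod_log WHERE actionid='".$id."'");
	if($getlog)
	{
		while($row = mysql_fetch_array($getlog))
			// Log fields are stored text; encode them for HTML before they reach the page.
			$logstring .= '<tr><td>'.htmlspecialchars($row["action"], ENT_QUOTES)." by ".htmlspecialchars($row["userid"], ENT_QUOTES)." at ".htmlspecialchars($row["timestamp"], ENT_QUOTES)."</td></tr>";
	}

	if($logstring == '')
		echo '<div style="margin-top:20px;text-align:center;"><b>No log!</b></div>';
	else
		echo '<div style="margin-top:20px;"><table id="viewlogtable" align="center">'.$logstring.'</table></div>';
}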

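/**
 * Echo the asset table filtered by the request parameters.
 *
 * Reads $_GET['name'] and $_GET['checkoutby'] (substring matches), $_GET['department']
 * (1 = Technical, 2 = Sales, 3 = Accounting, anything else = no department filter) and
 * $_GET['status'] (availability flag; empty = both states).
 *
 * @return void
 */
function filter()
{
	// Accept only scalar strings so array-valued parameters cannot reach the string functions.
	$name = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : '';
	$status = (isset($_GET['status']) && is_string($_GET['status'])) ? $_GET['status'] : '';
	$checkoutby = (isset($_GET['checkoutby']) && is_string($_GET['checkoutby'])) ? $_GET['checkoutby'] : '';
	$department_int = isset($_GET['department']) ? (int)$_GET['department'] : 0;

	$department = '';
	if($department_int == 1)
		$department = 'Technical';
	if($department_int == 2)
		$department = 'Sales';
	if($department_int == 3)
		$department = 'Accounting';

	// The "either state" condition is parenthesised: AND binds tighter than OR, so without the
	// brackets the extra filters applied to available='1' rows only.
	if($status != '')
		$sql = "SELECT * FROM mod_asset WHERE available='".(int)$status."' ";
	else
		$sql = "SELECT * FROM mod_asset WHERE (available='0' OR available='1') ";

	// Request text is escaped before interpolation; it previously went into the SQL verbatim.
	if($name != '')
		$sql .= " AND name LIKE '%".mysql_real_escape_string($name)."%' ";
	if($checkoutby != '')
		$sql .= "AND checkout LIKE '%".mysql_real_escape_string($checkoutby)."%' ";
	if($department != '')
		$sql .= "AND department LIKE '%".$department."%' "; // fixed literal chosen above

	$dbgetAll = mysql_query($sql);

	// $sort_order was never defined in this scope, so the links always carried an empty sortby;
	// make that explicit instead of relying on an undefined variable.
	$sort_order = '';
	echo '
		<table cellspacing="1px" cellpadding="5px" class="assettable" border="0" bgcolor="#CCC" width="100%">
			<tr align="center" bgcolor="#EEE">
                <th>Serial Number</th>
                <th><a href="?module=asset&sort=name&sortby='.$sort_order.'">Name</a></th>
                <th><a href="?module=asset&sort=department&sortby='.$sort_order.'">Department</a></th>
                <th><a href="?module=asset&sort=checkout&sortby='.$sort_order.'">Checkout</a></th>
                <th>Action</th><th>History</th>
            </tr>';

	if($dbgetAll)
	{
		while($rowgetAll = mysql_fetch_array($dbgetAll))
		{
			$rowid = (int)$rowgetAll["ID"];
			// Encode stored, user-supplied columns for HTML so markup in them is shown as text.
			echo '<tr align="left" bgcolor="#FFF" id="'.$rowid.'">
                <td>'.htmlspecialchars($rowgetAll["serialnumber"], ENT_QUOTES).'</td>
                <td>'.htmlspecialchars($rowgetAll["name"], ENT_QUOTES).'</td>
                <td>'.htmlspecialchars($rowgetAll["department"], ENT_QUOTES).'</td>
                <td align="center">'.htmlspecialchars($rowgetAll["checkout"], ENT_QUOTES).'</td>
                <td align="center" width="100px">'
                	.checkavailable($rowgetAll["available"],$rowid,$rowgetAll["checkout"]). isdelete($rowid) .'</td>
                <td align="center"><a href="../modules/admin/asset/functions.php?do=viewlog&id='.$rowid.'" rel="ibox" title="History">View</a></td>
              </tr>';
		}
	}

	// The debug trailer that printed the SQL text and the raw request values after the table is
	// gone: it disclosed the query structure and reflected unencoded input into the page.
	echo '</table>';
}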

/* Execute functions on demand */
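if(isset($_GET['do']) && is_string($_GET['do']))
{
	// This file is requested directly (the History links point at functions.php), and every
	// handler relies on $_SESSION['adminid']. Refuse to dispatch without a logged-in admin
	// rather than running the handlers anonymously.
	// NOTE(review): assumes the session is already started by dbconnect.php or the including
	// page - confirm. insert, checkout, checkin and delete also change data on GET with no
	// anti-CSRF token; moving them to POST with a per-session token should be the next step.
	if(!empty($_SESSION['adminid']))
	{
		switch($_GET['do'])
		{
			case 'insert':
				assetinsert();
				break;
			case 'checkout':
				assetcheckout();
				break;
			case 'checkin':
				assetcheckin();
				break;
			case 'delete':
				assetdelete();
				break;
			case 'viewlog':
				assetviewlog();
				break;
			case 'filter':
				filter();
				break;
		}
	}
}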
?>
